Malware News
The latest NEWS about malwares, DFIR, hacking, security issues, thoughts and ...

Partner channel: @cveNotify

For ads: https://telega.io/c/malwr
File Analysis Suite enables you to quickly and efficiently reduce information risk, analyze, optimize, and secure employee access to critical data. See how in @MicroFocusSec's new #DataProtection white paper: http://ms.spr.ly/60125enQj #DataSecurity #DataPrivacy #CyberResilience
🗣MicroFocus


🎖@malwr
Finding the right decompiler for Python bytecode can be a pain because there are so many.

I compiled this table to check the supported versions.
🗣struppigel


🎖@malwr
👍1
If you want to know what it's like to be grilled as a forensic expert, watch this. From the Murdaugh trial today.
🗣MDCDF

Thanks. I hate it.
👤carandfreedomgeek2

Solid one. Another is the kid in Michigan for that shooting. Thanks for posting a link OP!
👤bigt252002

When does the expert testimony start?
👤FabsudNalteb


🎖@malwr
New video drop! In this video, we'll explore more #yara basics by looking into #ascii versus #wide char strings. We'll also talk string obfuscation and use the #xor modifier.

https://youtu.be/J9Qr8Vfe9_s
🗣jstrosch


🎖@malwr
Indirect Prompt Injection on Bing Chat : https://greshake.github.io/

New ways of breaking app-integrated LLMs : https://github.com/greshake/llm-security

Paper : https://arxiv.org/pdf/2302.12173.pdf
🗣binitamshah


🎖@malwr
Fortinet's James Slaughter writes about the MyDoom worm (also known as Novarg and Mimail) that was first discovered in 2004, but which continues to operate well beyond expectations, with fresh infections still occurring in the wild. https://www.fortinet.com/blog/threat-research/just-because-its-old-doesnt-mean-you-throw-it-away-including-malware
🗣virusbtn


🎖@malwr
Analysis of BlackLotus UEFI bootkit - Bypasses UEFI Secure Boot even on fully updated Windows 11 systems (It brings legit yet vulnerable binaries to the victim system to exploit CVE-2022-21894 & bypass UEFI Secure Boot) : https://www.welivesecurity.com/2023/03/01/blacklotus-uefi-bootkit-myth-confirmed/ credits @smolar_m
🗣binitamshah


🎖@malwr
Trend Micro's Daniel Lunghi (@thehellu) details the update that Iron Tiger made to the custom malware family SysUpdate in its latest campaign. The custom malware now includes new features and has added malware infection support for the Linux platform. https://www.trendmicro.com/en_us/research/23/c/iron-tiger-sysupdate-adds-linux-targeting.html
🗣virusbtn


🎖@malwr
cisagov/decider: A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.
🗣jnazario

I guess I'm trying to understand the place of this tool. Is this the idea if you don't have an existing TIP feeding you intelligence to source and map things on your own?
👤asecuredlife

Can someone point me to the benefits of mapping adversary behaviours in the scope of an incident? I always feel like I do this for higher management, rarely for myself in the scope of forensics/incident analysis. What do I miss?
👤bromomotatata


🎖@malwr